Unable to get data from Mint Collector (https://mint.splunk.com) in my Splunk...
Data from mint dot splunk dot com isn't reflected in the Splunk Mint Add-on, why? I checked logs and I found this: 2020-01-08 00:27:54,687 DEBUG [connectionpool.py] "PUT /api/v2/events HTTP/1.1" 304 0...
View Articleconnection in jupyeter notebook has SSL wrong infos
[SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056) import splunklib.results as results import splunklib.client as client import io, os, sys, types,datetime,math,time import ssl from io...
View ArticleIs there any kind of additional cost involved in setting up splunk mobile?
Is there any kind of additional cost involved in setting up splunk mobile? is there any kind of restriction on the no. of registered device?
View ArticleSplunk ES Upgrade Compatibility
Just a quick question on Splunk Upgrade for ES https://docs.splunk.com/Documentation/VersionCompatibility/current/Matrix/CompatMatrix We are currently on Splunk ES v5.0.1 and Splunk Enterprise...
View ArticleSplunk Enpterprise - Indexer Cluster issue
Why I am not able to see Search Heads connection in Cluster Master Monitoring Console - Overview Dashboard (See 1st image) [2]: /storage/temp/280638-2.png ![alt text][2] However, I did successful...
View ArticleWhile registering device to Splunk Cloud Gateway I am getting error 503.
I tried to register my device, and threw below error: 503 error: Unable to register. Contact your Splunk administrator or try again later the document says " **The connection is unavailable or Splunk...
View ArticleSplunk Transaction command for events multiple time/day
I am using this query "index=oswin* source="WinEventLog:System" (EventCode=6005 OR EventCode=1074 OR EventCode=6006) | table _time dvc EventCode | transaction dvc" 6005=eve![alt text][1]nt service...
View ArticleRegex for CIDR exclusion
Hi, Need some help with getting a correct Regex for CIDR exclusion. *(This is an example. Not the real IP range. ) Trying to exclude events that have ips in the 79.40.96.0/22 range. Following is the...
View ArticleWhat is the fastest way to search the past 4 Mondays?
I am trying to create a search that looks at the average number of errors over the past 4 weeks, but only looking at the days that match the current day. (I am using the past 4 Mondays as an example, I...
View Articlemultiple text input Form
HI Everyone, I have multiple text input boxes. I want to achieve the below. there is one panel for each text input. I have below requirement. 1- initally I dont want to display any panel 2- once I put...
View Articlecan't open Splunk 8.01 in Mac OS Catalina, why?
I downloaded the latest version but when I try and open it I get this message: “Splunk_8.0.1.pkg” can’t be opened because Apple cannot check it for malicious software." advice?
View ArticleDB Connect with Splunk 8 and wierd errors
Hi, I am trying to use db connect 3.2.0 with Splunk 8.0.1 on Windows to access a MS SQL DB. This is a fresh install for using splunk as a heavy forwarder to get log entries from within the DB. I see...
View ArticleMonitor syslog-ng status
Hi All, We are running HF and syslog-ng on same server and we want to monitor the syslog-ng status. example if syslog-ng goes down splunk should trigger alert. Can someone suggest how we can achive this?
View ArticleHow to use token in a multi-select form input?
In the dashboard, I have created three multi-select input fields. CONTINENT, COUNTRY , STATE Example : When I click on the CONTINENT drop down as "Asia", the COUNTRY drop down multiselect field...
View ArticleCold bucket on remote/flash drive for windows os
Hi I am using Splunk on Windows OS and I want to store hot/warm buckets on local storage and cold buckets on flash shared storage so to access this flash shared storage do I require to install splunk...
View ArticleGetting Data from SharePoint to Splunk
Hi I'm trying to connect and my splunk to our sharepoint and also get data. Is there any way to do this?? Im using Splunk enterprise
View ArticleSplunk collectd matrics to multiple indexers and HF
Hello Guys, I need you help to figure out how to put multiple HF or indexer name in collectd.conf for matrices data. I want high availability for HF. Incase HF1 is down my HF2 should be able to send...
View ArticleSplunk Collectd to send data to multiple HF and indexers
Hello Guys, I need you help to figure out how to put multiple HF or indexer name in collectd.conf for matrices data. I want high availability for HF. Incase HF1 is down my HF2 should be able to send...
View ArticleIssue when upgrading from 7.2.6 to 8.0.1
Hello, we are currently on 7.2.6 and planning to upgrade with 8.0.1. When I upgraded in test environment, After starting splunk(it took longer to start). but real issue is I am not be able to access...
View ArticleLog ingested having xml tags that are not having fields extracted and named...
• Attached you will see a sample of the log I am working with. <-- tried to attach it but not enough points. Haha! • You will see in the body of the log row there are xml tags. Like CorrelationId,...
View Article